php - PreAuthorize annotation of Symfony2 JMSSecurityExtraBundle not working


Using the JMSSecurityExtraBundle of Symfony2 I try to create my own expression method and bind it in a controller using the PreAuthorize annotation.

I don't know why but the method is never fired, and the security bundle while trying to evaluate the PreAuthorize annotation concludes with a "Token does not have the required roles.". Seems like is trying to validate roles and not to resolve the PreAuthorize expression.

Example about what I'm trying to do:


namespace Acme\HelperBundle\Security;

use Symfony\Component\DependencyInjection\ContainerInterface;
use JMS\DiExtraBundle\Annotation as DI;

/** @DI\Service */
class RequestAccessEvaluator
    private $container;

     * @DI\InjectParams({
     *     "container" = @DI\Inject("service_container"),
     * })
    public function __construct(ContainerInterface $container)
        $this->container = $container;

    /** @DI\SecurityFunction("isAllowed") */
    public function isAllowed()
        return true;

My Controller:

     * @PreAuthorize("isAllowed()")
     * @Route("/bla/{id}")
     * @Method({"POST"})
     * @return json
    public function postBlaAction(Request $request, $id)



I finally solved my problem... actually I missed that config.

It worked just putting that in my config.yml and setting the option "expressions" to true.

People are also looking for solutions to the problem: php - Lookup the subnets of many IPs in a fast way


Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.